
SAML with Django authentication

I'm using Django and nginx hosted on AWS. I'm trying to integrate with a university for SAML authentication, using their IdP. There are plenty of outdated answers on SO, but is there anything more relevant with current standards?

Many of the apps I've seen are for Django 1.2 and lower. Specifically I'm looking for resources that would allow me to more easily manage the SAML authentication through some middleware or anything else.

Some of the things I have seen are:

https://github.com/unomena/django-saml2-idp

https://github.com/WiserTogether/django-saml2-sp

KVISH asked Mar 26 '14 17:03



2 Answers

SAML is two sides:

  • IDP -> Identity Provider side -> i.e. the university
  • SP -> Service Provider -> i.e. your application

Sounds like this one is what you want: https://github.com/WiserTogether/django-saml2-sp.

You have to take into account that SAML as a standard is complex, so you might find issues getting the library to talk to the SAML implementation in the university. You will also have to get from them the identity provider cert public key and ask them to add your application on their side with a specific entity id. And when you start managing a couple of them it gets complex.

You might also want to check out something like Auth0 to handle all those SAML connections. There is a very simple Python sample: https://gist.github.com/woloski/8149412

woloski answered Sep 17 '22 09:09


The project I found is below:

https://bitbucket.org/lgs/djangosaml2/overview

The project uses pysaml2 for SAML support. Pysaml2 can be found here:

https://github.com/rohe/pysaml2

Bear in mind that djangosaml2 may not use the latest version of pysaml2. I tested it and it's working fine.

UPDATE

djangosaml2 works with the latest version of pysaml2, but make sure to add this line to make it work:

SESSION_SERIALIZER = 'django.contrib.sessions.serializers.PickleSerializer'

This should be in your settings.py.

KVISH answered Sep 18 '22 09:09